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Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1)K Responsive to communication(s) filed on 03 November 2004 . 
2a)C3 This action is FINAL. 2b)D This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) Kl Claim(s) 1,4-13. 15. 17. 18.20.22-33 and 35-96 is/are pending in the application. 

4a) Of the above claim(s) 2.3.14.16.19.21 and 34 is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) |3 Claim(s) See Continuation Sheet is/are rejected. 

7) |3 Claim(s) 18.41.59.66.77.81.83.86.89.91 and 94 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)13 The drawing(s) filed on 03 November 2000 is/are: a)IE accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (0- 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. D Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. Claims 1, 4-13, 15-17, 18, 20, 22-33 and 35-96 are pending in the application. 

2. Claims 1, 4-13, 15, 17, 20, 22-33, 35-40, 42-58, 60-65, 67-76, 78-80, 82, 84, 85, 87, 88, 90, 
92, 93, 95 and 96 have been rejected. 

3. Claims 18, 41, 59, 66, 77, 81, 83, 86, 89, 91 and 94 have been objected to. 

4. Claims 2, 3, 14, 16, 19, 21 and 34 have been cancelled. 

Response to Amendment 

5. The examiner approves the amendment made to the specification. The applicant has 
corrected a typographical error and has not added new matter. 

6. The examiner approves the amendment made to claims 84, 87, 90, 92 and 94. The applicant 
has corrected a typographical error and has not added new matter. 

Response to Arguments 

7. Applicant's arguments with respect to claims 1, 4-13, 15-17, 18, 20, 22-33 and 35-96 have 
been considered but are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC §102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the United 
States before the invention thereof by the applicant for patent, or on an international application by another who 
has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this title before the invention 
thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 
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do not apply when the reference is a U.S. patent resulting directly or indirectly from an 
international application filed before November 29, 2000. Therefore, the prior art date of the 
reference is determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre-AIPA 
35U.S.C. 102(e)). 

8. Claims 1, 4-7, 11, 13, 17, 20, 71-75, 82 and 88 are rejected under 35 U.S.C 102(e) as 
being anticipated by Carino, Jr. et al U.S. Patent No. 6,651,072 Bl (hereinafter Carino). 

As to claim 1, Carino discloses a method for establishing a secure communication 
channel between a client and an application server comprising the steps of: 

(a) receiving, at a web server, a request from a client to have an application 
program executed on an application server and to have output from the application 
program executing on the application server transmitted to the client [column 5, lines 54- 
64]; 

(b) generating by a ticket service, a ticket having an identifier and a session key 
[column 12, lines 3-38]; 

(c) obtaining, by the web server, the ticket from the ticket service [column 12, 
lines 3-38]; 

(d) transmitting, by the web server, the ticket to the client over a secure 
communication channel [column 1 1 line 62 to column 12 line 2]; 

(e) transmitting, by the client, the identifier from the ticket to the application 
server [column 12, lines 3-38]; 

(f) obtaining., by the application server, a copy of the session key from the ticket 
service using the identifier [column 12, lines 3-38]; 
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(g) establishing an application communication channel between the client and the 
application server [column 12 line 55 to column 13 line 3]; 

(h) executing, by the application server, the application program identified in the 
request [column 13 line 59 to column 14 line 32]; 

(i) transmitting, by the application server, output of the application program over 
the application communication channel via a remote display protocol [column 13 line 59 
to column 14 line 32]; and 

(j) encrypting the output communicated to the client over the application 

communication channel using the session key [column 13 line 59 to column 14 line 32]. 

As to claims 4 and 72, Carino discloses that the ticket service resides on the web server 
[column 12, lines 3-38], 

As to claims 5 and 73, Carino discloses transmitting, by the application server, the 
identifier to the web server over a server communication channel [column 12, lines 3-38]. 

As to claim 6, Carino discloses receiving, by the application server, a response to 
transmitting the identifier to the web server, the response including the session key [column 12, 
lines 3-38]. 

As to claim 7, Carino discloses validating, by the web server, the identifier [column 12, 
lines 3-38]. 

As to claim 11, Carino discloses establishing the server communication channel as a 
secure communication channel [column 9, lines 42-59], 

As to claim 13, Carino discloses a method for establishing a secure communication 
channel between a client and an application server comprising the steps of: 
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(a) receiving a request from a web server to execute an application program on 
behalf of a client and transmit to the client output from the application program executing 
on the application server [column 5, lines 54-64]; 

(b) receiving an identifier from the client [column 12, lines 3-38]; 

(c) obtaining from the web server a copy of a session key associated with the 
identifier [column 12, lines 3-38]; 

(d) establishing an application communication channel with the client [column 12 
line 55 to column 13 line 3]; 

(e) executing the application program identified in the request [column 13 line 59 
to column 14 line 32]; 

(f) transmitting output of the executing application program over the application 
communication channel via a remote display protocol [column 13 line 59 to column 14 
line 32]; and 

(g) encrypting the output using the session key [column 13 line 59 to column 14 
line 32]. 

As to claims 17 and 71, Carino discloses that the ticket is generated by a ticket service, as 
discussed above. 

As to claim 20, Carino discloses that step (b) further comprises receiving a password 
from the client [column 12, lines 3-38]. 

As to claim 82, Carino discloses that step (j) further comprises decrypting 
communications from the application server using the session key [column 12, lines 3-38]. 
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As to claim 74, Carino discloses that the application server receives a response to 
transmitting the identifier to the web server, the response including the session key [column 12, 
lines 3-38]. 

As to claim 75, Carino discloses that the web server validates the identifier [column 12, 
lines 3-38]. 

As to claim 88, Carino discloses that step (g) further comprises decrypting 
communications from the client [column 12, lines 3-38]. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

9. Claims 8 and 76 are rejected under 35 U.S.C. 103(a) as being unpatentable over Carino, 
Jr. et al U.S. Patent No. 6,651,072 Bl as applied to claims 1 and 13 above, and further in 
view of Johnson et al U.S. Patent No. 5,560,008. 

As to claims 8 and 76, Carino does not teach confirming by the web server that the 
identifier is received by the web server within a certain time frame relative to a time that the 
identifier is transmitted by the web server to the client. 

Johnson et al teaches confirming by a server that an identifier is received by the web 
server within a certain time frame relative to a time that the identifier is transmitted by a. web 
server to a client [column 10 line 62 to column 1 1 line 29]. 
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Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Carino so that the web server confirmed that the 
that the identifier was received by the web server within a certain time frame relative to a time 
that the identifier was transmitted by the web server to the client. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Carino by the teaching of Johnson et al because the server 
is not required to store the user information longer than needed or desired by the server. This 
provides for the cases in which the authentication for a user is good for a specified length of 
time, such as a certain number of minutes or hours or days. After this predetermined period of 
time, the server discards the credentials structure, and will no longer honor a request containing 
that credentials identifier. This forces the user machine to perform a new request for service, 
thereby inherently enforcing a periodic authentication of remote users in order to ensure that 
there has not been a masquerading of users [column 6, lines 38-49]. 

10. Claims 9, 10, 78 and 79 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Carino, Jr. et al U.S. Patent No. 6,651,072 Bl as applied to claims 1 and 13 above, and 
further in view of Davis U.S. Patent No. 5,818,939. 

As to claims 9 and 10, Carino does not teach that the session key is substantially 
equivalent to a null value. Carino does not teach that the null value is a constant value. 

Davis teaches session keys that are equivalent to a null value. Davis teaches that the null 
value is a constant value [column 4 line 57 to column 5 line 12]. 
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Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Carino so that the session keys had a null value 
and the null value was constant. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Carino by the teaching of Davis because the examiner 
asserts by assigning this value to the session key this enables the client and server to know if the 
session key is still valid for communication. 

11. Claims 12, 22-27, 29-33, 35-40, 46-50, 52-57, 64, 65, 68, 85, 87, 93 and 96 are rejected 
under 35 U.S.C. 103(a) as being unpatentable over Carino, Jr. et al U.S. Patent No. 
6,651,072 Bl in view of Anderson et al U.S. Patent No. 6,108,787. 

As to claims 12, 22, 37, 46 and 87, Carino discloses a method for establishing a secure 
communication channel between a client and an application server comprising the steps of: (a) 
transmitting, to a web server a request to have an application server execute an application 
program and transmit output from the application program executing on the application server; 
(b) establishing a secure web communication channel between a web browser executing on the 
client and the web server; (c) receiving a ticket having an identifier and a session key from the 
web server over the secure web communication channel; (d) establishing an application 
communication channel with the application server over the application communication channel; 
(e) transmitting the identifier from the ticket to the application server over an application 
communication channel to provide the application server with information for obtaining a copy 
of the session key; 
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(f) receiving output of the application program, identified in the request, from the application 
server over the application communication channel; and (g) decrypting the output using the 
session key, all as discussed above. 

Carino does not teach that the remote display protocol is the Remote Desktop Protocol. 

Anderson et al teaches a remote display protocol that is the Remote Desktop Protocol 
[column 14, lines 5-11]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Carino so that the remote display protocol would 
have been the Remote Desktop Protocol. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Carino by the teaching of Anderson et al because it allows 
a user in a more classified network to run an application on an information processing means 
(e.g. workstation in the less classified network while displaying the results of the session on the 
information processing means (e.g. workstation) in the more classified network [column 14, lines 
5-11]. 

As to claims 23, 47 and 65, Carino teaches that the ticket service resides on the web 
server, as discussed above. 

As to claims 35, 40, 57 and 68, Carino teaches that the step (e) further comprises 
transmitting a password to the application server [column 12, lines 3-38]. 

As to claim 24, Carino teaches the application server transmitting the identifier to the 
web server over a server communication channel, as discussed above. 
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As to claims 25 and 48, Carino teaches the application server requesting a copy of the 
session key in response to receiving the identifier from the client [column 12, lines 3-38]. 

As to claims 26 and 49, Carino teaches the web server validating the identifier [column 
12, lines 3-38]. 

As to claims 27 and 50, Carino teaches that the web server validates the identifier has not 
been previously received from the application server [column 12, lines 39-53]. 

As to claim 29, Carino teaches the web server transmitting the session key to the 
application server over the server communication channel [column 12, lines 3-38]. 

As to claims 30 and 53, Carino teaches that the server communication channel is a secure 
communication channel, as discussed above. 

As to claims 31, 38 and 54, Carino teaches the web server transmitting additional 
information to the application server over the server communication channel [column 11, lines 
51-61]. 

As to claims 32 and 55, Carino teaches that the additional information comprises login 
information of a user of the client [column 11, lines 51-61]. 

* As to claims 33 and 56, Carino teaches that the additional information comprises a name 
of a software application executing on the application server [column 1 1, lines 51-61]. 

As to claim 36, Carino teaches that the ticket service transmitting information 
corresponding to at least one of the client and a user operating the client to the application server 
[column 12, lines 3-38]. 

As to claim 39, Carino teaches that the additional information further comprises an 
address of the application server [column 1 1, lines 51-61]. 
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As to claim 52, Carino teaches that the web server transmits the session key to the 
application server over a server communication channel in response to receiving the identifier 
from the application server, as discussed above. 

As to claim 58, Carino teaches that the ticket service transmits information corresponding 
to at least one of the client and a user operating the client to the application server [column 12, 
lines 3-38]. 

As to claim 64, Carino teaches that the ticket is generated by a ticket service, as discussed 

above. 

As to claim 85, Carino teaches that the step (g) further comprises encrypting 
communications to the application server, as discussed above. 

As to claim 93, Carino teaches that the client encrypts communications to the application 
server using the session key, as discussed above. 

As to claim 96, Carino teaches that the application server decrypts communications from 
the client using the session key, as discussed above. 

12. Claim 15 is rejected under 35 U.S.C. 103(a) as being unpatentable over Carino, Jr. et al 
U.S. Patent No. 6,651,072 Bl as applied to claim 13 above, and further in view of Gifford 
U.S. Patent No. 6,049,785. 

As claim 15, Carino does not teach that step (b) comprises receiving a nonce from the 

client. 

GifFord teaches an identifier that is a nonce. 
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Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Carino so that a nonce was received from the 
client in step (b). 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Carino by the teaching of Gifford because the examiner 
asserts that a nonce is used to prevent replay attacks. 

13. Claims 28 and 51 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Carino, Jr. et al U.S. Patent No, 6,651,072 Bl and Anderson et al U.S. Patent No. 
6,108,787as applied to claims 22 and 46 above, and further in view of Johnson et al U.S. 
Patent No. 5,560,008. 

As to claims 28 and 51, the Carino- Anderson combination does not teach that the web 
server validates the identifier when the identifier is received by the web server within a 
predetermined time frame. 

Johnson et al teaches confirming by a server that an identifier is received by the web 
server within a certain time frame relative to a time that the identifier is transmitted by a web 
server to a client [column 10 line 62 to column 1 1 line 29]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified the Carino- Anderson combination so that the web 
server would have validated the identifier when the identifier was received by the web server 
within a certain time frame. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified the Carino-Anderson combination by the teaching of 
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Johnson et al because the server is not required to store the user information longer than needed 
or desired by the server. This provides for the cases in which the authentication for a user is 
good for a specified length of time, such as a certain number of minutes or hours or days. After 
this predetermined period of time, the server discards the credentials structure, and will no 
longer honor a request containing that credentials identifier. This forces the user machine to 
perform a new request for service, thereby inherently enforcing a periodic authentication of 
remote users in order to ensure that there has not been a masquerading of users [column 6, lines 
38-49]. 

14. Claims 42, 63 and 67 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Carino, Jr. et al U.S. Patent No. 6,651,072 Bl and Anderson et al U.S. Patent No. 6,108,787 
as applied to claims 12, 37 and 46 above, and further in view of Baskey et al U.S. Patent No. 
6,049,785. 

As to claims 42, 63 and 67, the Carino-Anderson combination does not teach that step (b) 
further comprises using secure socket layer technology to establish the secure web 
communication channel. 

Baskey et al teaches using SSL and its benefits [column 5, lines 17-37]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified the Carino-Anderson combination so that step (b) 
would have further comprised using secure socket layer technology to establish the secure web 
communication channel. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified the Carino-Anderson combination by the teaching of 
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Baskey et al because SSL is application protocol independent. A higher-level protocol can layer 
on top of the SSL Protocol transparently. Thus, the SSL protocol provides connection security 
where encryption is used after an initial handshake to define a secret key, and where the 
communication partner's identity can be authenticated using asymmetric, or public key, 
cryptography such as RSA [column 1, lines 30-41]. 

15. Claims 43 and 60 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Carino, Jr. et al U.S. Patent No. 6,651,072 Bl and Anderson et al U.S. Patent No. 6,108,787 
as applied to claims 37 and 46 above, and further in view of Gifford U.S. Patent No. 
6,049,785. 

As claims 43 and 60, the Carino-Anderson combination does not teach that the identifier 
is a nonce. 

Gifford teaches an identifier that is a nonce. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified the Carino-Anderson combination so that the 
identifier was a nonce. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified the Carino-Anderson combination by the teaching of 
Gifford because the examiner asserts that a nonce is used to prevent replay attacks. 

16. Claims 44, 45, 61, 62, 69 and 70 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Carino, Jr. et al U.S. Patent No. 6,651,072 Bl and Anderson et al U.S. 
Patent No. 6,108,787 as applied to claims 12, 37 and 46 above, and further in view of Davis 
U.S. Patent No. 5,818,939. 
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As to claims 44, 45, 61, 62, 69 and 70, the Carino- Anderson combination does not teach 
that the session key is substantially equivalent to a null value. Carino does not teach that the null 
value is a constant value. 

Davis teaches session keys that are equivalent to a null value. Davis teaches that the null 
value is a constant value [column 4 line 57 to column 5 line 12]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified the Carino-Anderson combination so that the 
session keys had a null value and the null value was constant. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified the Carino-Anderson combination by the teaching of Davis 
because the examiner asserts by assigning this value to the session key this enables the client and 
server to know if the session key is still valid for communication. 

17. Claim 80 is rejected under 35 U.S.C. 103(a) as being unpatentable over Carino, Jr. et al 
U.S. Patent No. 6,651,072 Bl as applied to claim 1 above, and further in view of Giflford 
U.S. Patent No. 6,049,785. 

As claim 80, Carino does not teach that the identifier is a nonce. 
Gifford teaches an identifier that is a nonce. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Carino so that the identifier was a nonce. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Carino by the teaching of Gifford because the examiner 
asserts that a nonce is used to prevent replay attacks. 
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18. Claims 84 and 90 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Carino, Jr. et al U.S. Patent No. 6,651,072 Bl as applied to claims 1 and 13 above, and 
further in view of Anderson et al U.S. Patent No. 6,108,787. 

As to claims 84 and 90, Carino does not teach that the remote display protocol is the 
Remote Desktop Protocol. 

Anderson et al teaches a remote display protocol that is the Remote Desktop Protocol 
[column 14, lines 5-11]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Carino so that the remote display protocol would 
have been the Remote Desktop Protocol. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Carino by the teaching of Anderson et al because it allows 
a user in a more classified network to run an application on an information processing means 
(e.g. workstation in the less classified network while displaying the results of the session on the 
information processing means (e.g. workstation) in the more classified network [column 14, lines 
5-11]. 

19. Claims 92 and 95 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Carino, Jr. et al U.S. Patent No. 6,651,072 Bl and Anderson et al U.S. Patent No. 6,108,787 
as applied to claims 37 and 46 above, and further in view of Anderson et al U.S. Patent No. 
6,108,787. 

As to claims 92 and 95, the Carino- Anderson combination does not teach that the remote 
display protocol is the Remote Desktop Protocol. 



Application/Control Number: 09/706, 1 1 7 Page 1 7 

Art Unit: 2131 

Anderson et al teaches a remote display protocol that is the Remote Desktop Protocol 
[column 14, lines 5-11]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified the Carino-Anderson combination so that the 
remote display protocol would have been the Remote Desktop Protocol. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified the Carino-Anderson combination by the teaching of 
Anderson et al because it allows a user in a more classified network to run an application on an 
information processing means (e.g. workstation in the less classified network while displaying 
the results of the session on the information processing means (e.g. workstation) in the more 
classified network [column 14, lines 5-11]. 

Allowable Subject Matter 
20. Claims 18, 41, 59, 66, 77, 81, 83, 86, 89, 91 and 94 are objected to as being dependent 
upon a rejected base claim, but would be allowable if rewritten in independent form 
including all of the limitations of the base claim and any intervening claims. 

As to claims 18, 41, 59, 66, 77 and 81, prior art does not discloses or fairly suggest that 
the identifier is an application server certificate. 

As to claims 83, 86, 89, 91 and 94, prior art does not discloses or fairly suggest that the 
remote display protocol is the Independent Computing Architecture protocol. 
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Conclusion 

21. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aravind K Moorthy whose telephone number is 571-272-3793. 
The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Aravind K Moorthy 
February 3, 2005 




